

    <?php
    //Start session
    session_start();
     
    //Include database connection details
    require_once('connection.php');
     
    //Array to store validation errors
    $errmsg_arr = array();
     
    //Validation error flag
    $errflag = false;
     
	 //Field Validations
	 
		 $fnamevalidation = $_POST['firstname'];
		 $lnamevalidation = $_POST['lastname'];
		 $emailIdValidation = $_POST['emailid'];
		 $postalCodeValidation = $_POST['postalcode'];
		 $validationFlag = false;
	 	if (!preg_match("/^[a-zA-Z ]*$/",$fnamevalidation))
  		{
			$errmsg_arr[] = 'Invalid First Name: Only letters and white space allowed';
    		$errflag = true;
  		}
		if (!preg_match("/^[a-zA-Z ]*$/",$lnamevalidation))
  		{
			$errmsg_arr[] = 'Invalid Last Name: Only letters and white space allowed';
    		$errflag = true;
  		} 
		if (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/",$emailIdValidation))
  		{
 		 	$errmsg_arr[] = "Invalid Email Format"; 
			$errflag = true;
  		}
		if (!is_numeric($postalCodeValidation))
		{
			$errmsg_arr[] = "Invalid Postal Code: Only numbers are allowed"; 
			$errflag = true;
		}
		
	 
    //Function to sanitize values received from the form. Prevents SQL injection
    function clean($str) {
    $str = @trim($str);
    if(get_magic_quotes_gpc()) {
    $str = stripslashes($str);
    }
    return mysql_real_escape_string($str);
    }
     
    //Sanitize the POST values
    $firstname = clean($_POST['firstname']);
    $lastname = clean($_POST['lastname']);
    $emailid = clean($_POST['emailid']);
    $password = clean($_POST['password']);
    $confirmpassword = clean($_POST['confirmpassword']);
    $addressline1 = clean($_POST['addressline1']);
    $addressline2 = clean($_POST['addressline2']);
    $postalcode = clean($_POST['postalcode']);
    echo "<script type='text/javascript'>alert('k,sdnasdk');</script>";
     
	 	 
    //Input Validations
    if($password != $confirmpassword) {
				echo "<script>
alert('password');
</script>";
    $errmsg_arr[] = 'Password and Confirm password should be same';
    $errflag = true;
    }

   
    //If there are input validations, redirect back to the login form
    if($errflag) {
    $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
    session_write_close();
    header("location: registration.php");
    exit();
    }
     
       //Create query
    $qry="INSERT INTO Users (FirstName, LastName, emailId, password, addressline1, addressline2, postalcode) VALUES ('$firstname','$lastname','$emailid','$password','$addressline1','$addressline2','$postalcode')";
    mysql_query($qry);
     
    //Check whether the query was successful or not
    mysqli_close($bd);
    
    session_start();	
    $_SESSION['SESS_FIRSTNAME'] = $firstname;
    $_SESSION['SESS_LASTNAME'] = $lastname;
    $_SESSION['SESS_EMAILID'] = $emailid;
    //session_write_close();
    header("location: index.php");
    exit();
    ?>